Zero Day Monitor

Zero Day MonitorZDM

569

+16 today

Exploited (7d)

261

+5 today

Critical (7d)

1598

CISA KEV

23

Pre-CVE

3348

+484 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

ivanti · CVE-2026-6973 — CVE-2026-6973: An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticKEVEXPLOITEDPATCHED

endpoint_manager_mobile· CVSS 7.0· CWE-20

litellm · CVE-2026-42208 — LiteLLM: SQL injection in Proxy API key verificationKEVEXPLOITEDPATCHED

litellm· CVSS 9.8· CWE-89

linux · CVE-2026-31431 — crypto: algif_aead - Revert to operating out-of-placeKEVEXPLOITEDPATCHED

linux_kernel· CVSS 7.8· CWE-20

palo alto networks · CVE-2026-0300 — PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication PortalEXPLOITEDPATCHED

pan-os· CVSS 7.5· CWE-787

linux · CVE-2026-43284 — xfrm: esp: avoid in-place decrypt on shared skb fragsEXPLOITEDPATCHED

linux_kernel· CVSS 8.8· CWE-20

progress · CVE-2026-4670 — Improper Authentication vulnerability in Progress MOVEit AutomationEXPLOITEDPATCHED

moveit_automation· CVSS 9.8· CWE-305

go toolchain · CVE-2026-27143 — Missing bound checks can lead to memory corruption in safe Go in cmd/compileEXPLOITEDPATCHED

cmd/compile· CVSS 9.8

spring · CVE-2026-40982 — CVE-2026-40982: Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server EXPLOITEDPATCHED

spring cloud config· CVSS 9.1· CWE-22

progress · CVE-2026-5174 — Improper Access Control Vulnerability in Progress MOVEit AutomationEXPLOITEDPATCHED

moveit_automation· CVSS 7.7· CWE-20

mozilla · CVE-2026-8091 — Incorrect boundary conditions in the Audio/Video: Playback componentEXPLOITEDPATCHED

firefox· CVSS 9.8

→ View full list

Pre-CVE Events

ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover

axiosMEDIUM1 sourcesverified

ZERO-DAYADV990001 Latest Servicing Stack Updates

1 sourcesverified

Critical vulnerabilities in VMware Tanzu RabbitMQ on Kubernetes

broadcomCRITICAL1 sources

Multiple vulnerabilities in Red Hat Linux kernel

red hat1 sources

Multiple Vulnerabilities in Industrial Control Systems Products

Latest news

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-32201

Security Alert: Microsoft Releases April 2026 Security Updates

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates